
MAEDA et al., SN 09/585,358 
Amdt. dated 04/05/2004 



Dkt. 500.3861 8X00/E5272-01EK 

Reply to OA mailed 12/04/2003 
IN THE CLAIMS: 

1. (Currently Amended) A method A system for managing a public key in an 
environment having a hierarchical network with a domain name at each hierarchy, a 
DNS server provided at each hierarchy r-fef for managing correspondence between 
said the domain name and an address, and hosts accommodated in said the 
network, said the DNS server serving to distribute a public key of another host to the 
host belonging to said the network, said the DNS server having means for managing 
said the public key and a database for storing the public key of the host belonging to 
said the network and said the domain name in a corresponding manner, the method 
comprising; the step of: 

when the a first host issues an inquiry about the a public key of the a second 
host on the information about said the domain name, prompting said the means for 
managing said the public key to refer to said the database, thereby answering the 
information on the public key of the second host corresponding to said the domain 
name to said the first host. 

2. (Currently Amended) A method A system for managing a public key as 
claimed in claim 1, wherein when said the DNS server receives an inquiry of the 
public key of the second host from the first host, if no entry corresponding to the 
domain name of inquiry is found in said the database of said the DNS server itself, 
the solution of the inquiry of said the public key is recursively entrusted to another 
DNS server provided with said the another means for managing a public key and the 
database along the hierarchy of said the domain name. 

3. (Currently Amended) A method A system for managing a public key as 
claimed in claim 1, wherein said the host provides means for inquiring said about the 
DNS server of the public key of another host, said the means serving to inquire said 
about the DNS server of the corresponding public key to the domain name of the a 
target host when the a security communication is started. 

4. (Cancel) 

5. (New) A server apparatus connectable to a network, comprising: 
a network control unit connected to the network; 

a packet processing unit for transmitting/receiving a packet to the network 
through the network control unit; and 

an answer processing unit for processing by receiving a first inquiry packet for 
inquiring about an address corresponding to a domain name of a certain host 
apparatus or a second inquiry packet for inquiring about a public key corresponding 
to a domain name of an optional host apparatus received from the network, the 
answer processing unit having: 

an address store unit for storing each domain name of more 
than one host apparatus connected to network and each corresponding 
address thereof in a corresponding manner; and 

a public key store unit for storing each domain name of more 
than one host apparatus connected to the network and each 
corresponding public key in a corresponding manner; 



an address processing unit, where if a packet received from the packet 
processing unit is the first inquiry packet, retrieving any address corresponding to the 
domain name of the optional host apparatus stored in the address store unit, and 
then generating an address answer packet for sending the address to the packet 
processing unit; and 

a public key processing unit, where if a packet received from the packet 
processing unit is the second inquiry packet, retrieving any public key corresponding 
domain name of the optional host apparatus stored in the public key store unit, and 
then generating a key answer packet for sending the public key to the packet 
processing unit. 

6. (New) A server apparatus according to claim 5, wherein if the public key 
corresponding to domain name of the optional host apparatus is not stored in the 
public key store unit, the public key processing unit generates a forwarding inquiry 
packet for inquiring about the public key corresponding to a domain name of the 
optional host apparatus, to at least one other server apparatus connected to the 
network, and transmits the forwarding inquiry packet to the packet processing unit. 



7. (New) A server apparatus according to claim 5, wherein the answer 
processing unit comprises an electronic signature processing unit for adding an 
electronic signature to the second answer packet if a request for an electronic 
signature is included in the second inquiry packet. 

8. (New) A server apparatus according to claim 5, wherein the answer 
processing unit comprises an electronic signature processing unit for confirming 
whether an electronic signature added to the second inquiring packet is trusted by 
using a public key corresponding to an apparatus which transmitted the second 
inquiry packet. 

9. (New) A server apparatus according to claim 7, wherein the public key 
processing unit of the answer processing unit, in the second inquiry packet, if server 
apparatus to which electronic signature to be added is, assigned, the assigned 
server apparatus judges whether it is its own server apparatus or not, if it is not its 
own server apparatus, then generating packet for requesting addition of the 
electronic signature to the second answer packet to the assigned server apparatus 
and transmit to the packet processing unit. 

10. (New) A host apparatus connectable to a network, comprising: 
a network control unit connected to the network; 

a packet processing unit for transmitting/receiving packet to the network 
through the network control unit; 

an address inquire unit for generating a first inquire packet for inquiring 
address corresponding domain name of optional other host apparatus connected to 
the network, and the address inquire unit receives a first answer packet answering 
address corresponding to domain name of the optional other host apparatus through 
the packet processing unit, 

a public key inquire unit for generating a second inquire packet for inquiring 
public key corresponding to domain name of optional other host apparatus 
connected to the network and transmit to the packet processing unit, the public key 
inquire unit receives a second answer packet for answering public key of optional 
other host apparatus through the packet processing unit, and; 

a public key store unit for storing public key included in the second answer 
packet and domain name of optional other host apparatus in a corresponding 
manner. 

11. (New) A host apparatus according to claim 10, wherein the public key 
inquiry unit retrieve on whether public key corresponding to domain name of the 
optional other host apparatus is stored in the public key store unit, if not stored, then 
generate the second inquiry packet. 

12. (New) A host apparatus according to claim 10, further including electronic 
signature check unit for checking on whether the electronic signature is correct or not 
by using of public key of pre-selected other apparatus when electronic signature is 
added to the second answer packet. 

13. (New) A host apparatus according to claim 10, wherein the public key 
inquiry unit selects other apparatus for adding the electronic signature to the second 
answer packet, and add information for assigning selected the other apparatus to the 
second inquiry packet. 

14. (New) A host apparatus according to claim 12, wherein the public key 
inquiry unit selects other apparatus to add electronic signature to the second 
answer packet, and to add information assigning the selected other apparatus to the 
second inquiry packet. 

15. (New) A host apparatus according to claim 10, further including a security 
communication unit for carrying out security communication with the optional other 
host apparatus by using the public key obtained by the second answer packet. 
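
The following sketch is an added illustration, not part of the filing or of the applicants' implementation. It models the server of claims 5 to 7 (address store, public key store, forwarding on a miss, signing on request) and the host of claims 10 to 12 (local key store, signature check against a pre-selected key). The class names, the dictionary "packets", the `b.example` names and the toy RSA signer are all assumptions made for the example.

```python
import hashlib

# Toy RSA signer standing in for the "electronic signature" (constructed key
# built from two Mersenne primes; far too small for real use).
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

def digest(name, key):
    """Hash of the (domain name, public key) binding, reduced mod N."""
    h = hashlib.sha256(f"{name}|{key}".encode()).digest()
    return int.from_bytes(h, "big") % N

class KeyServer:
    """Server of claims 5-7: address store, public key store, forwarding."""
    def __init__(self, addresses, keys, parent=None, signing_key=None):
        self.addresses, self.keys = addresses, keys
        self.parent, self.signing_key = parent, signing_key

    def query(self, qtype, name, want_sig=False):
        if qtype == "ADDR":                         # first inquiry packet
            return {"name": name, "addr": self.addresses.get(name)}
        key = self.keys.get(name)                   # second inquiry packet
        if key is None and self.parent:             # claim 6: forward on a miss
            return self.parent.query(qtype, name, want_sig)
        answer = {"name": name, "key": key}
        if want_sig and key and self.signing_key:   # claim 7: sign on request
            answer["sig"] = pow(digest(name, key), self.signing_key, N)
        return answer

class Host:
    """Host of claims 10-12: local key store plus signature check."""
    def __init__(self, server, trusted_e):
        # trusted_e with the shared N is the pre-selected signer's public key.
        self.server, self.trusted_e, self.key_store = server, trusted_e, {}

    def public_key_of(self, name):
        if name in self.key_store:                  # claim 11: ask only on a miss
            return self.key_store[name]
        ans = self.server.query("KEY", name, want_sig=True)
        sig = ans.get("sig")
        if (sig is None or ans["name"] != name or
                pow(sig, self.trusted_e, N) != digest(name, ans["key"])):
            raise ValueError(f"unsigned or forged key answer for {name}")
        self.key_store[name] = ans["key"]           # claim 10: store on success
        return ans["key"]
```

The host stores a key only after the answer verifies under the pre-selected signer's key, so an answer from a server that cannot produce that signature is rejected instead of being cached.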



